SlideShare a Scribd company logo

Spark access control on Amazon EMR with AWS Lake Formation

A
Anoop Johnson

This document discusses how to secure data access on Amazon EMR clusters using AWS Lake Formation. Lake Formation provides fine-grained, column-level access control and integrates with identity providers like Active Directory for single sign-on. It uses the AWS Glue Data Catalog as the metadata store. The document demonstrates how to configure an Amazon EMR cluster to use Lake Formation for authentication and query execution, controlling permissions at the table and column level rather than on the underlying Amazon S3 storage.

Engineering
1 of 13
Download to read offline
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Spark access control on Amazon EMR with AWS Lake Formation Anoop Johnson A N T 2 2 3 - R Principal Software Engineer Amazon Web Services
What you will learn Background Authentication Query execution Demo
Lake Formation: Secure once, access in many ways Amazon Athena Amazon Redshift Amazon EMR AWS Glue Amazon S3 Data catalog Permissions Lake Formation Admin
Control data access with grant and revoke
Permissions on tables and columns, not Amazon Simple Storage Service (Amazon S3)
View and audit data access
Why integrate Amazon EMR with Lake Formation? • Fine-grained, column-level access to databases and tables • Allows shared multi-tenant clusters to securely access data • Uses the AWS Glue Data Catalog as the metadata store • Federated single sign-on from your enterprise identity system • Active Directory (AD FS), Auth0, Okta, and many others • Uses Security Assertion Markup Language (SAML) 2.0
Query execution overview Amazon S3 Lake Formation Amazon EMR
Amazon EMR authentication Amazon EMR cluster User Used for impersonation Lake Formation
Query execution under the hood Amazon EMR worker node 1 32 4 Amazon S3 5 6 Lake Formation
Amazon EMR: Supported applications • AWS Glue Data Catalog • Identity providers with support for SAML • Applications • Spark SQL • Amazon EMR Notebooks and Zeppelin with Livy
Integrating Amazon EMR with Lake Formation • Establish trust relationship between your corporate IdP and AWS • Configure IAM roles for Lake Formation • Configure Amazon EMR security features • Launch an Amazon EMR Lake Formation-enabled cluster
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Recommended

Amazon S3 & Amazon Glacier - Object Storage Overview
Amazon S3 & Amazon Glacier - Object Storage OverviewAmazon S3 & Amazon Glacier - Object Storage Overview
Amazon S3 & Amazon Glacier - Object Storage OverviewAmazon Web Services
 
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018 AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018 Amazon Web Services Korea
 
AWS Storage and Content Delivery Services
AWS Storage and Content Delivery ServicesAWS Storage and Content Delivery Services
AWS Storage and Content Delivery ServicesAmazon Web Services
 
BDA311 Introduction to AWS Glue
BDA311 Introduction to AWS GlueBDA311 Introduction to AWS Glue
BDA311 Introduction to AWS GlueAmazon Web Services
 
Best practices on building data lakes and lake formation
Best practices on building data lakes and lake formationBest practices on building data lakes and lake formation
Best practices on building data lakes and lake formationJohn Varghese
 
Visualization with Amazon QuickSight
Visualization with Amazon QuickSightVisualization with Amazon QuickSight
Visualization with Amazon QuickSightAmazon Web Services
 
Real-time Streaming and Querying with Amazon Kinesis and Amazon Elastic MapRe...
Real-time Streaming and Querying with Amazon Kinesis and Amazon Elastic MapRe...Real-time Streaming and Querying with Amazon Kinesis and Amazon Elastic MapRe...
Real-time Streaming and Querying with Amazon Kinesis and Amazon Elastic MapRe...Amazon Web Services
 
Amazon EC2 제대로 사용하기(김상필) - AWS 웨비나 시리즈 2015
Amazon EC2 제대로 사용하기(김상필) - AWS 웨비나 시리즈 2015Amazon EC2 제대로 사용하기(김상필) - AWS 웨비나 시리즈 2015
Amazon EC2 제대로 사용하기(김상필) - AWS 웨비나 시리즈 2015Amazon Web Services Korea
 

Recommended

Amazon S3 & Amazon Glacier - Object Storage Overview
Amazon S3 & Amazon Glacier - Object Storage OverviewAmazon S3 & Amazon Glacier - Object Storage Overview
Amazon S3 & Amazon Glacier - Object Storage OverviewAmazon Web Services
 
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018 AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018 Amazon Web Services Korea
 
AWS Storage and Content Delivery Services
AWS Storage and Content Delivery ServicesAWS Storage and Content Delivery Services
AWS Storage and Content Delivery ServicesAmazon Web Services
 
BDA311 Introduction to AWS Glue
BDA311 Introduction to AWS GlueBDA311 Introduction to AWS Glue
BDA311 Introduction to AWS GlueAmazon Web Services
 
Best practices on building data lakes and lake formation
Best practices on building data lakes and lake formationBest practices on building data lakes and lake formation
Best practices on building data lakes and lake formationJohn Varghese
 
Visualization with Amazon QuickSight
Visualization with Amazon QuickSightVisualization with Amazon QuickSight
Visualization with Amazon QuickSightAmazon Web Services
 
Real-time Streaming and Querying with Amazon Kinesis and Amazon Elastic MapRe...
Real-time Streaming and Querying with Amazon Kinesis and Amazon Elastic MapRe...Real-time Streaming and Querying with Amazon Kinesis and Amazon Elastic MapRe...
Real-time Streaming and Querying with Amazon Kinesis and Amazon Elastic MapRe...Amazon Web Services
 
Amazon EC2 제대로 사용하기(김상필) - AWS 웨비나 시리즈 2015
Amazon EC2 제대로 사용하기(김상필) - AWS 웨비나 시리즈 2015Amazon EC2 제대로 사용하기(김상필) - AWS 웨비나 시리즈 2015
Amazon EC2 제대로 사용하기(김상필) - AWS 웨비나 시리즈 2015Amazon Web Services Korea
 
Aws cloud watch
Aws cloud watchAws cloud watch
Aws cloud watchMahesh Raj
 
Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...
Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...
Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...Amazon Web Services
 
Introducing DynamoDB
Introducing DynamoDBIntroducing DynamoDB
Introducing DynamoDBAmazon Web Services
 
AWS Cloud trail
AWS Cloud trailAWS Cloud trail
AWS Cloud trailzekeLabs Technologies
 
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...Amazon Web Services
 
Best Practices for Active Directory with AWS Workloads
Best Practices for Active Directory with AWS WorkloadsBest Practices for Active Directory with AWS Workloads
Best Practices for Active Directory with AWS WorkloadsAmazon Web Services
 
실시간 스트리밍 분석 Kinesis Data Analytics Deep Dive
실시간 스트리밍 분석 Kinesis Data Analytics Deep Dive실시간 스트리밍 분석 Kinesis Data Analytics Deep Dive
실시간 스트리밍 분석 Kinesis Data Analytics Deep DiveAmazon Web Services Korea
 
AWS October Webinar Series - Introducing Amazon QuickSight
AWS October Webinar Series - Introducing Amazon QuickSightAWS October Webinar Series - Introducing Amazon QuickSight
AWS October Webinar Series - Introducing Amazon QuickSightAmazon Web Services
 
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...Amazon Web Services
 
Introduction to AWS Lake Formation.pptx
Introduction to AWS Lake Formation.pptxIntroduction to AWS Lake Formation.pptx
Introduction to AWS Lake Formation.pptxSwathiPonugumati
 
Amazon CloudFront 101
Amazon CloudFront 101Amazon CloudFront 101
Amazon CloudFront 101Amazon Web Services
 
AWS Lake Formation Deep Dive
AWS Lake Formation Deep DiveAWS Lake Formation Deep Dive
AWS Lake Formation Deep DiveCobus Bernard
 
Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...
Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...
Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...Amazon Web Services
 
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...Amazon Web Services
 
Introduction to AWS Storage Services
Introduction to AWS Storage ServicesIntroduction to AWS Storage Services
Introduction to AWS Storage ServicesAmazon Web Services
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Web Services
 
Visualizing Big Data Insights with Amazon QuickSight
Visualizing Big Data Insights with Amazon QuickSightVisualizing Big Data Insights with Amazon QuickSight
Visualizing Big Data Insights with Amazon QuickSightAmazon Web Services
 
SRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal Health
SRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal HealthSRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal Health
SRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal HealthAmazon Web Services
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayAmazon Web Services
 
Deep Dive on Amazon S3
Deep Dive on Amazon S3Deep Dive on Amazon S3
Deep Dive on Amazon S3Amazon Web Services
 
What's New with Big Data Analytics
What's New with Big Data AnalyticsWhat's New with Big Data Analytics
What's New with Big Data AnalyticsAmazon Web Services
 
Highly secure content delivery at global scale with amazon cloudfront
Highly secure content delivery at global scale with amazon cloudfrontHighly secure content delivery at global scale with amazon cloudfront
Highly secure content delivery at global scale with amazon cloudfrontAmazon Web Services
 

More Related Content

What's hot

Aws cloud watch
Aws cloud watchAws cloud watch
Aws cloud watchMahesh Raj
 
Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...
Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...
Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...Amazon Web Services
 
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...Amazon Web Services
 
Best Practices for Active Directory with AWS Workloads
Best Practices for Active Directory with AWS WorkloadsBest Practices for Active Directory with AWS Workloads
Best Practices for Active Directory with AWS WorkloadsAmazon Web Services
 
실시간 스트리밍 분석 Kinesis Data Analytics Deep Dive
실시간 스트리밍 분석 Kinesis Data Analytics Deep Dive실시간 스트리밍 분석 Kinesis Data Analytics Deep Dive
실시간 스트리밍 분석 Kinesis Data Analytics Deep DiveAmazon Web Services Korea
 
AWS October Webinar Series - Introducing Amazon QuickSight
AWS October Webinar Series - Introducing Amazon QuickSightAWS October Webinar Series - Introducing Amazon QuickSight
AWS October Webinar Series - Introducing Amazon QuickSightAmazon Web Services
 
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...Amazon Web Services
 
Introduction to AWS Lake Formation.pptx
Introduction to AWS Lake Formation.pptxIntroduction to AWS Lake Formation.pptx
Introduction to AWS Lake Formation.pptxSwathiPonugumati
 
AWS Lake Formation Deep Dive
AWS Lake Formation Deep DiveAWS Lake Formation Deep Dive
AWS Lake Formation Deep DiveCobus Bernard
 
Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...
Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...
Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...Amazon Web Services
 
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...Amazon Web Services
 
Introduction to AWS Storage Services
Introduction to AWS Storage ServicesIntroduction to AWS Storage Services
Introduction to AWS Storage ServicesAmazon Web Services
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Web Services
 
Visualizing Big Data Insights with Amazon QuickSight
Visualizing Big Data Insights with Amazon QuickSightVisualizing Big Data Insights with Amazon QuickSight
Visualizing Big Data Insights with Amazon QuickSightAmazon Web Services
 
SRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal Health
SRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal HealthSRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal Health
SRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal HealthAmazon Web Services
 

What's hot (20)

Aws cloud watch
Aws cloud watchAws cloud watch
Aws cloud watch
 
Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...
Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...
Visualize your data in Data Lake with AWS Athena and AWS Quicksight Hands-on ...
 
Introducing DynamoDB
Introducing DynamoDBIntroducing DynamoDB
Introducing DynamoDB
 
AWS Cloud trail
AWS Cloud trailAWS Cloud trail
AWS Cloud trail
 
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
 
Best Practices for Active Directory with AWS Workloads
Best Practices for Active Directory with AWS WorkloadsBest Practices for Active Directory with AWS Workloads
Best Practices for Active Directory with AWS Workloads
 
실시간 스트리밍 분석 Kinesis Data Analytics Deep Dive
실시간 스트리밍 분석 Kinesis Data Analytics Deep Dive실시간 스트리밍 분석 Kinesis Data Analytics Deep Dive
실시간 스트리밍 분석 Kinesis Data Analytics Deep Dive
 
AWS October Webinar Series - Introducing Amazon QuickSight
AWS October Webinar Series - Introducing Amazon QuickSightAWS October Webinar Series - Introducing Amazon QuickSight
AWS October Webinar Series - Introducing Amazon QuickSight
 
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
 
Introduction to AWS Lake Formation.pptx
Introduction to AWS Lake Formation.pptxIntroduction to AWS Lake Formation.pptx
Introduction to AWS Lake Formation.pptx
 
Amazon CloudFront 101
Amazon CloudFront 101Amazon CloudFront 101
Amazon CloudFront 101
 
AWS Lake Formation Deep Dive
AWS Lake Formation Deep DiveAWS Lake Formation Deep Dive
AWS Lake Formation Deep Dive
 
Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...
Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...
Amazon RDS & Amazon Aurora: Relational Databases on AWS - SRV206 - Atlanta AW...
 
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
 
Introduction to AWS Storage Services
Introduction to AWS Storage ServicesIntroduction to AWS Storage Services
Introduction to AWS Storage Services
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015
 
Visualizing Big Data Insights with Amazon QuickSight
Visualizing Big Data Insights with Amazon QuickSightVisualizing Big Data Insights with Amazon QuickSight
Visualizing Big Data Insights with Amazon QuickSight
 
SRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal Health
SRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal HealthSRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal Health
SRV405 Deep Dive Amazon Redshift & Redshift Spectrum at Cardinal Health
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API Gateway
 
Deep Dive on Amazon S3
Deep Dive on Amazon S3Deep Dive on Amazon S3
Deep Dive on Amazon S3
 

Similar to Spark access control on Amazon EMR with AWS Lake Formation

What's New with Big Data Analytics
What's New with Big Data AnalyticsWhat's New with Big Data Analytics
What's New with Big Data AnalyticsAmazon Web Services
 
Highly secure content delivery at global scale with amazon cloudfront
Highly secure content delivery at global scale with amazon cloudfrontHighly secure content delivery at global scale with amazon cloudfront
Highly secure content delivery at global scale with amazon cloudfrontAmazon Web Services
 
Full Stack Analytics on AWS - AWS Summit Cape Town 2017
Full Stack Analytics on AWS - AWS Summit Cape Town 2017 Full Stack Analytics on AWS - AWS Summit Cape Town 2017
Full Stack Analytics on AWS - AWS Summit Cape Town 2017 Amazon Web Services
 
Securing enterprise big data workloads on AWS
Securing enterprise big data workloads on AWSSecuring enterprise big data workloads on AWS
Securing enterprise big data workloads on AWSAmazon Web Services
 
AWS re:Invent 2016: Securing Enterprise Big Data Workloads on AWS (SEC308)
AWS re:Invent 2016: Securing Enterprise Big Data Workloads on AWS (SEC308)AWS re:Invent 2016: Securing Enterprise Big Data Workloads on AWS (SEC308)
AWS re:Invent 2016: Securing Enterprise Big Data Workloads on AWS (SEC308)Amazon Web Services
 
NEW LAUNCH! Intro to Amazon Athena. Analyze data in S3, using SQL
NEW LAUNCH! Intro to Amazon Athena. Analyze data in S3, using SQLNEW LAUNCH! Intro to Amazon Athena. Analyze data in S3, using SQL
NEW LAUNCH! Intro to Amazon Athena. Analyze data in S3, using SQLAmazon Web Services
 
Securing Media Content and Applications in the Cloud (MED401) | AWS re:Invent...
Securing Media Content and Applications in the Cloud (MED401) | AWS re:Invent...Securing Media Content and Applications in the Cloud (MED401) | AWS re:Invent...
Securing Media Content and Applications in the Cloud (MED401) | AWS re:Invent...Amazon Web Services
 
AWS Innovate: Build a Data Lake on AWS- Johnathon Meichtry
AWS Innovate: Build a Data Lake on AWS- Johnathon MeichtryAWS Innovate: Build a Data Lake on AWS- Johnathon Meichtry
AWS Innovate: Build a Data Lake on AWS- Johnathon MeichtryAmazon Web Services Korea
 
Stacking Your Logs - Pop-up Loft TLV 2017
Stacking Your Logs - Pop-up Loft TLV 2017Stacking Your Logs - Pop-up Loft TLV 2017
Stacking Your Logs - Pop-up Loft TLV 2017Amazon Web Services
 
Escalando para sus primeros 10 millones de usuarios
Escalando para sus primeros 10 millones de usuariosEscalando para sus primeros 10 millones de usuarios
Escalando para sus primeros 10 millones de usuariosAmazon Web Services LATAM
 
Deep Dive on New Features in Amazon S3 & Glacier - AWS Online Tech Talks
Deep Dive on New Features in Amazon S3 & Glacier - AWS Online Tech TalksDeep Dive on New Features in Amazon S3 & Glacier - AWS Online Tech Talks
Deep Dive on New Features in Amazon S3 & Glacier - AWS Online Tech TalksAmazon Web Services
 
AWS Summit Auckland - Building a Server-less Data Lake on AWS
AWS Summit Auckland - Building a Server-less Data Lake on AWSAWS Summit Auckland - Building a Server-less Data Lake on AWS
AWS Summit Auckland - Building a Server-less Data Lake on AWSAmazon Web Services
 
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料使用 Amazon Athena 直接分析儲存於 S3 的巨量資料
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料Amazon Web Services
 
2017 AWS DB Day | Amazon Athena 서비스 최신 기능 소개
2017 AWS DB Day | Amazon Athena 서비스 최신 기능 소개 2017 AWS DB Day | Amazon Athena 서비스 최신 기능 소개
2017 AWS DB Day | Amazon Athena 서비스 최신 기능 소개 Amazon Web Services Korea
 
AWS Cloud Controls for Security - Usman Shakeel
AWS Cloud Controls for Security - Usman ShakeelAWS Cloud Controls for Security - Usman Shakeel
AWS Cloud Controls for Security - Usman ShakeelAmazon Web Services
 
Best Practices for Building a Data Lake in Amazon S3 and Amazon Glacier, with...
Best Practices for Building a Data Lake in Amazon S3 and Amazon Glacier, with...Best Practices for Building a Data Lake in Amazon S3 and Amazon Glacier, with...
Best Practices for Building a Data Lake in Amazon S3 and Amazon Glacier, with...Amazon Web Services
 
Escalando para sus primeros 10 millones de usuarios
Escalando para sus primeros 10 millones de usuariosEscalando para sus primeros 10 millones de usuarios
Escalando para sus primeros 10 millones de usuariosAmazon Web Services LATAM
 
Building a Server-less Data Lake on AWS - Technical 301
Building a Server-less Data Lake on AWS - Technical 301Building a Server-less Data Lake on AWS - Technical 301
Building a Server-less Data Lake on AWS - Technical 301Amazon Web Services
 

Similar to Spark access control on Amazon EMR with AWS Lake Formation (20)

What's New with Big Data Analytics
What's New with Big Data AnalyticsWhat's New with Big Data Analytics
What's New with Big Data Analytics
 
Highly secure content delivery at global scale with amazon cloudfront
Highly secure content delivery at global scale with amazon cloudfrontHighly secure content delivery at global scale with amazon cloudfront
Highly secure content delivery at global scale with amazon cloudfront
 
Full Stack Analytics on AWS - AWS Summit Cape Town 2017
Full Stack Analytics on AWS - AWS Summit Cape Town 2017 Full Stack Analytics on AWS - AWS Summit Cape Town 2017
Full Stack Analytics on AWS - AWS Summit Cape Town 2017
 
Securing enterprise big data workloads on AWS
Securing enterprise big data workloads on AWSSecuring enterprise big data workloads on AWS
Securing enterprise big data workloads on AWS
 
AWS re:Invent 2016: Securing Enterprise Big Data Workloads on AWS (SEC308)
AWS re:Invent 2016: Securing Enterprise Big Data Workloads on AWS (SEC308)AWS re:Invent 2016: Securing Enterprise Big Data Workloads on AWS (SEC308)
AWS re:Invent 2016: Securing Enterprise Big Data Workloads on AWS (SEC308)
 
NEW LAUNCH! Intro to Amazon Athena. Analyze data in S3, using SQL
NEW LAUNCH! Intro to Amazon Athena. Analyze data in S3, using SQLNEW LAUNCH! Intro to Amazon Athena. Analyze data in S3, using SQL
NEW LAUNCH! Intro to Amazon Athena. Analyze data in S3, using SQL
 
Securing Media Content and Applications in the Cloud (MED401) | AWS re:Invent...
Securing Media Content and Applications in the Cloud (MED401) | AWS re:Invent...Securing Media Content and Applications in the Cloud (MED401) | AWS re:Invent...
Securing Media Content and Applications in the Cloud (MED401) | AWS re:Invent...
 
AWS Innovate: Build a Data Lake on AWS- Johnathon Meichtry
AWS Innovate: Build a Data Lake on AWS- Johnathon MeichtryAWS Innovate: Build a Data Lake on AWS- Johnathon Meichtry
AWS Innovate: Build a Data Lake on AWS- Johnathon Meichtry
 
Introduction to Amazon Athena
Introduction to Amazon AthenaIntroduction to Amazon Athena
Introduction to Amazon Athena
 
Stacking Your Logs - Pop-up Loft TLV 2017
Stacking Your Logs - Pop-up Loft TLV 2017Stacking Your Logs - Pop-up Loft TLV 2017
Stacking Your Logs - Pop-up Loft TLV 2017
 
Escalando para sus primeros 10 millones de usuarios
Escalando para sus primeros 10 millones de usuariosEscalando para sus primeros 10 millones de usuarios
Escalando para sus primeros 10 millones de usuarios
 
Deep Dive on New Features in Amazon S3 & Glacier - AWS Online Tech Talks
Deep Dive on New Features in Amazon S3 & Glacier - AWS Online Tech TalksDeep Dive on New Features in Amazon S3 & Glacier - AWS Online Tech Talks
Deep Dive on New Features in Amazon S3 & Glacier - AWS Online Tech Talks
 
AWS Summit Auckland - Building a Server-less Data Lake on AWS
AWS Summit Auckland - Building a Server-less Data Lake on AWSAWS Summit Auckland - Building a Server-less Data Lake on AWS
AWS Summit Auckland - Building a Server-less Data Lake on AWS
 
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料使用 Amazon Athena 直接分析儲存於 S3 的巨量資料
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料
 
2017 AWS DB Day | Amazon Athena 서비스 최신 기능 소개
2017 AWS DB Day | Amazon Athena 서비스 최신 기능 소개 2017 AWS DB Day | Amazon Athena 서비스 최신 기능 소개
2017 AWS DB Day | Amazon Athena 서비스 최신 기능 소개
 
AWS Cloud Controls for Security - Usman Shakeel
AWS Cloud Controls for Security - Usman ShakeelAWS Cloud Controls for Security - Usman Shakeel
AWS Cloud Controls for Security - Usman Shakeel
 
Best Practices for Building a Data Lake in Amazon S3 and Amazon Glacier, with...
Best Practices for Building a Data Lake in Amazon S3 and Amazon Glacier, with...Best Practices for Building a Data Lake in Amazon S3 and Amazon Glacier, with...
Best Practices for Building a Data Lake in Amazon S3 and Amazon Glacier, with...
 
Escalando para sus primeros 10 millones de usuarios
Escalando para sus primeros 10 millones de usuariosEscalando para sus primeros 10 millones de usuarios
Escalando para sus primeros 10 millones de usuarios
 
AMAZON CLOUD Course Content
AMAZON CLOUD Course ContentAMAZON CLOUD Course Content
AMAZON CLOUD Course Content
 
Building a Server-less Data Lake on AWS - Technical 301
Building a Server-less Data Lake on AWS - Technical 301Building a Server-less Data Lake on AWS - Technical 301
Building a Server-less Data Lake on AWS - Technical 301
 

Recently uploaded

OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).pptssuser5c9d4b1
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130Suhani Kapoor
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
High Profile Call Girls Dahisar Arpita 9907093804 Independent Escort Service ...
High Profile Call Girls Dahisar Arpita 9907093804 Independent Escort Service ...High Profile Call Girls Dahisar Arpita 9907093804 Independent Escort Service ...
High Profile Call Girls Dahisar Arpita 9907093804 Independent Escort Service ...Call girls in Ahmedabad High profile
 

Recently uploaded (20)

OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
High Profile Call Girls Dahisar Arpita 9907093804 Independent Escort Service ...
High Profile Call Girls Dahisar Arpita 9907093804 Independent Escort Service ...High Profile Call Girls Dahisar Arpita 9907093804 Independent Escort Service ...
High Profile Call Girls Dahisar Arpita 9907093804 Independent Escort Service ...
 

Spark access control on Amazon EMR with AWS Lake Formation

  • 1. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Spark access control on Amazon EMR with AWS Lake Formation Anoop Johnson A N T 2 2 3 - R Principal Software Engineer Amazon Web Services
  • 2. What you will learn Background Authentication Query execution Demo
  • 3. Lake Formation: Secure once, access in many ways Amazon Athena Amazon Redshift Amazon EMR AWS Glue Amazon S3 Data catalog Permissions Lake Formation Admin
  • 4. Control data access with grant and revoke
  • 5. Permissions on tables and columns, not Amazon Simple Storage Service (Amazon S3)
  • 6. View and audit data access
  • 7. Why integrate Amazon EMR with Lake Formation? • Fine-grained, column-level access to databases and tables • Allows shared multi-tenant clusters to securely access data • Uses the AWS Glue Data Catalog as the metadata store • Federated single sign-on from your enterprise identity system • Active Directory (AD FS), Auth0, Okta, and many others • Uses Security Assertion Markup Language (SAML) 2.0
  • 9. Amazon EMR authentication Amazon EMR cluster User Used for impersonation Lake Formation
  • 10. Query execution under the hood Amazon EMR worker node 1 32 4 Amazon S3 5 6 Lake Formation
  • 11. Amazon EMR: Supported applications • AWS Glue Data Catalog • Identity providers with support for SAML • Applications • Spark SQL • Amazon EMR Notebooks and Zeppelin with Livy
  • 12. Integrating Amazon EMR with Lake Formation • Establish trust relationship between your corporate IdP and AWS • Configure IAM roles for Lake Formation • Configure Amazon EMR security features • Launch an Amazon EMR Lake Formation-enabled cluster
  • 13. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.